Get more articles like this and Register for our Forum.

Cryptoraphy

In computer security jargon a Man In The Middle attack occurs when a snoop (the Man in the Middle) is gains access and is able to modify a presumed to be secure connection over the web. Especially against systems using public-key cryptography, this is a particularly effective method of eavesdropping.

Unfortunately, it looks like Tor — the onion routing network that purports to make your surfing habits anonymous, may have fallen victim to just this type of attack.


Tor-o, Tor-o

Dan Egarstad, a Swedish security researcher, stumbled upon some email traffic from the Swedish embassy that was leaking out of Tor exit nodes. These nodes are the points where re-routed Tor traffic makes its way back onto the Internet proper. Swedish feds were none to pleased with his snooping, but beyond that he illustrated the point that if he could do it anyone could.

Researchers that took Mr. Egarstad’s work further discovered that there were quite a few Tor exit nodes that were configured to only accept traffic from protocols that are commonly used for Instant Messaging and Email. Which is fairly suspicious behavior in and of itself.

What does this all mean?

Potentially, anyone who has been routing emails, IMs or anything else through Tor in hopes of keeping it anonymous may be compromised. There is no telling who is actually looking at this data, but it looks like someone is. There is a chance that whoever is snooping doesn’t really have ill intent, but even so if you have transferred particularly sensitive data over the network you have reason to be concerned.

Is there anything you can do about it?

Well, until this is all sorted out it might be a good idea to stay away from Tor. The problem with any system that attempts to obfuscate communication is that it becomes a juicy target for anyone who wants to see what people have to hide. If you decide to still use Tor, be sure to configure it properly. Tor can’t help you if it’s incorrectly configured.


Web 2.0 Roundup

Until more information is available, I would keep the tin foil hats safely tucked away and just be careful. That being said, if you have recently sent the launch codes to that shiny new spy satellite over Tor, you may want to get them changed.

[Be sure to subscribe to the RSS feed before leaving. Photo Credit]

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • bodytext
  • StumbleUpon
  • Ma.gnolia
  • Reddit
  • Slashdot